Imagine typing your password on your computer and having an AI listen to every keystroke and accurately guess what you are typing. This is not a sci-fi scenario but a real possibility, according to a new study by a team of researchers in the UK.
They reported that AI can listen to the keystrokes you make on your computer and steal your passwords with up to 95% accuracy. Let’s dive into this disturbing new information and see how you can protect yourself from this unfortunate situation.
How AI can eavesdrop on your keyboard
When the researchers tested an AI model listening to keystrokes, they trained the model on the intensity, waveform, and time of each keystroke. The model listened for the keystrokes on a MacBook Pro and was able to repeat them with up to 95% accuracy.
However, having the model focus on the intensity, waveform, and time of every keystroke means that AI will analyze the way you are typing and not how loud your keyboard sounds while you’re typing.
There’s no need to rush out and get a brand-new keyboard that you think will sound quieter than the one you already have. The research team also tested this theory during a Zoom call and a Skype call, and each ended with the AI model reproducing keystrokes with over 90% accuracy. A Zoom spokesperson had this to say regarding those findings,
Zoom takes the privacy and security of our users seriously. In addition to the mitigation techniques suggested by the researchers, Zoom users can also configure our background noise suppression feature to a higher setting, mute their microphone by default when joining a meeting, and mute their microphone when typing during a meeting to help keep their information more secure.
This means that AI can potentially steal your passwords or other sensitive data by simply listening to your keystrokes, even if you are not showing your screen or keyboard during a video call. This is a serious security threat that could expose your online accounts to hackers.
MORE: APPLE’S REPLACEMENT FOR THE PASSWORD
How hackers can use your microphone to steal your passwords
A hacker can simply use this technique or method by installing malware on your devices with a microphone, such as your laptop or smartphone.
Once the malware is installed, it can gather data from your previous keystrokes and then feed them to an AI model, which will then use your microphone to listen in and repeat those same keystrokes to get your passwords.
Although this is a more complicated way for a hacker to get password information out of you, it’s not impossible, and you should still take precautionary measures to protect yourself from this potential threat.
How to keep yourself safe from AI replicating your keystrokes
Turn off your microphone on a PC or Mac
If you want to safeguard your privacy by disabling the microphone on your PC or Mac to prevent potential eavesdropping, ensuring that sensitive activities like typing passwords remains secure from AI-driven listening.
On a Mac:
- Select System Preferences in your dock
- Click Security & Privacy or it might be listed as Privacy & Security
- Scroll down and click Microphone to see which programs and apps have access to these functions
- Check or uncheck apps or programs you wish to give or deny access to the microphone
On a PC:
- Select Start
- Go to Settings
- Select Privacy & security
- Click Microphone
- In Allow access to the microphone on this device, select Change and make sure Microphone access for this device is turned on.
- In Microphone settings, go to Allow apps to access your microphone and make sure it’s turned on.
- Once you’ve allowed microphone access to your apps, you can change the settings for each app. In Microphone settings, go to Choose which Microsoft apps can access your microphone, and turn on apps you want to use with it.
- For desktop apps, make sure that Allow desktop apps to access your microphone is turned on.
Have white noise play in the background
Another suggestion is having white noise or even software-based keystroke audio filters playing in the background while typing on your keyboard.
Use strong and unique passwords
Use strong and unique passwords for your online accounts and change them periodically. A password manager can be a vital tool in preventing AI intrusions for two main reasons.
First, it consolidates all your passwords, automatically populating login fields, eliminating the need for you to recall or manually type them. This reduces the chance of AI detecting or predicting your keystrokes.
Second, password managers generate and safeguard intricate passwords for every account. This means that even if a hacker compromises one password, your other accounts remain secure and untouched.
My #1 pick for password manager is 1Password. With no known security breaches or vulnerabilities, 1Password is a solid option as a paid password manager. It utilizes a well-designed interface, which features core components that are expected from premium, paid password managers. At the time of publishing, it starts at $2.99 a month, billed annually, for a total of $35.88/year, and you can save more with a family option which includes 5 family members for $60/year.
Use 2-factor authentication
Another way to protect yourself from AI getting your passwords is by using 2-factor authentication. Having 2-factor authentication will add an extra shield that will prevent AI from getting into your account even if it guesses a keystroke correctly.
This usually comes in the form of having to provide extra information like confirming with a text message, email, or even on a separate 2FA app such as Microsoft authenticator.
With 2FA in place, AI won’t be able to successfully steal your passwords with just a simple keystroke. Look into using 2-factor authentication on all your devices and accounts if it is available.
MORE: ARE YOUR PASSWORDS SAFE?
Have strong antivirus software on all your devices
Keeping hackers and AI models out of your devices can be prevented if you have good antivirus software installed. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware on your devices, which is the first step a hacker might use to get that AI model to record your keystrokes.
Special for CyberGuy Readers: My #1 pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.
Read my review of best antivirus picks here
Kurt’s key takeaways
Ultimately, getting a new keyboard is not the solution to avoiding AI models stealing your keystrokes. The best you can do is follow all my suggestions above and make sure you’re regularly checking all your accounts to spot any suspicious activity. This is a scary scenario; however, it can likely be avoided as long as you are vigilant and attentive to your information.
What more could AI companies like OpenAI be doing to make sure that hackers can’t use their models to assist them with malicious activity? Let us know by commenting below.
FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Related:
- Apple’s replacement for the password
- Best expert-reviewed password managers of 2023 4
- Are your passwords safe?
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
30 comments
What about face recognition??
Yes – another good option!